5 Replies Latest reply on Feb 21, 2008 2:01 PM by bdavis

    1.5 alternateBaseDN broken

    bdavis

      The setup page for LDAP asks for the Admin DN. If you give it a fully qualified DN, getContext() in LdapConfigure always fails and falls through to the alternateBaseDN.

       

      If the alternateBaseDN is empy, you won't notice. But if you do specify an alternateBaseDN, then you can't login to the site.

       

      If you change the adminDN property to the admin's username, then you are able to login. However, users in the alternate DN cannot login in either case.

       

      So what do you want for the ldap.adminDN property: The actual DN or just the username?

       

      In the file LdapConfigure.java in getContext() there are two attempts to get the ldap context:

       

      return getContext(getBaseDN(), toRDN(userId), password);

       

      If this throws an exception it tries the alternate:

       

      return getContext(getAlternateBaseDN(), userId, password);

       

      Notice no call to toRDN(userId). Is that intentional?